diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2016-08-07 11:35:08 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-08-16 14:22:08 +0900 |
commit | f3ccb756d7fb501b2b57e975d9a521e0055a8397 (patch) | |
tree | 21811d801722000b7b9b0ccc29d54f2688f17418 /ext | |
parent | 9116661305a9372d07493ea56bd901d77859a490 (diff) | |
download | ruby-openssl-f3ccb756d7fb501b2b57e975d9a521e0055a8397.tar.gz |
pkcs7: fix a memory leak in PKCS7#verify
ossl_obj2bio() must be called after other functions that may raise.
Also, the variable `x509s` is not free'd when PKCS7_verify() fails.
Diffstat (limited to 'ext')
-rw-r--r-- | ext/openssl/ossl_pkcs7.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/ext/openssl/ossl_pkcs7.c b/ext/openssl/ossl_pkcs7.c index 31f94c16..61046523 100644 --- a/ext/openssl/ossl_pkcs7.c +++ b/ext/openssl/ossl_pkcs7.c @@ -772,7 +772,9 @@ ossl_pkcs7_verify(int argc, VALUE *argv, VALUE self) VALUE data; const char *msg; + GetPKCS7(self, p7); rb_scan_args(argc, argv, "22", &certs, &store, &indata, &flags); + x509st = GetX509StorePtr(store); flg = NIL_P(flags) ? 0 : NUM2INT(flags); if(NIL_P(indata)) indata = ossl_pkcs7_get_data(self); in = NIL_P(indata) ? NULL : ossl_obj2bio(indata); @@ -784,8 +786,6 @@ ossl_pkcs7_verify(int argc, VALUE *argv, VALUE self) rb_jump_tag(status); } } - x509st = GetX509StorePtr(store); - GetPKCS7(self, p7); if(!(out = BIO_new(BIO_s_mem()))){ BIO_free(in); sk_X509_pop_free(x509s, X509_free); @@ -793,13 +793,13 @@ ossl_pkcs7_verify(int argc, VALUE *argv, VALUE self) } ok = PKCS7_verify(p7, x509s, x509st, in, out, flg); BIO_free(in); - if (ok < 0) ossl_raise(ePKCS7Error, NULL); + sk_X509_pop_free(x509s, X509_free); + if (ok < 0) ossl_raise(ePKCS7Error, "PKCS7_verify"); msg = ERR_reason_error_string(ERR_get_error()); ossl_pkcs7_set_err_string(self, msg ? rb_str_new2(msg) : Qnil); ossl_clear_error(); data = ossl_membio2str(out); ossl_pkcs7_set_data(self, data); - sk_X509_pop_free(x509s, X509_free); return (ok == 1) ? Qtrue : Qfalse; } |